12 - 2016 - :: Deepquest ::

[EXPLOIT]

>> Microsoft Internet Explorer 9 MSHTML CMarkup::ReloadInCompatView Use-After-Free

USER: deepcore // 2016-12-16 // 0 CMT

Microsoft Internet Explorer 9 suffers from an MSHTML CMarkup::ReloadInCompatView use-after-free vulnerability.

[EXPLOIT]

>> Microsoft Internet Explorer 9 IEFRAME CMarkup..RemovePointerPos Use-After-Free

USER: deepcore // 2016-12-16 // 0 CMT

Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkup..RemovePointerPos use-after-free vulnerability.

[EXPLOIT]

>> VMPanel 2.7.4 SQL Injection

USER: deepcore // 2016-12-16 // 0 CMT

VMPanel version 2.7.4 suffers from a remote SQL injection vulnerability.

[EXPLOIT]

>> Microsoft Internet Explorer 9 IEFRAME CMarkupPointer::MoveToGap Use-After-Free

USER: deepcore // 2016-12-16 // 0 CMT

Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkupPointer::MoveToGap use-after-free vulnerability.

[EXPLOIT]

>> Nagios Core Curl Command Injection / Code Execution

USER: deepcore // 2016-12-16 // 0 CMT

Nagios Core versions prior to 4.2.2 suffer from a curl command injection vulnerability that can lead to remote code execution.

[EXPLOIT]

>> XNU Kernel set_dp_control_port Use-After-Free

USER: deepcore // 2016-12-16 // 0 CMT

The XNU kernel suffers from a use-after-free vulnerability due to a lack of locking in set_dp_control_port.

[APPLE]

>> Apple Security Advisory 2016-12-13-1

USER: deepcore // 2016-12-16 // 0 CMT

Apple Security Advisory 2016-12-13-1 – macOS 10.12.2 is now available and addresses arbitrary code execution, denial of service, and various other vulnerabilities.

[APPLE]

>> Apple Security Advisory 2016-12-13-2

USER: deepcore // 2016-12-16 // 0 CMT

Apple Security Advisory 2016-12-13-2 – Safari 10.0.2 is now available and addresses cross site scripting, arbitrary code execution, and various other vulnerabilities.

[APPLE]

>> Apple Security Advisory 2016-12-13-3

USER: deepcore // 2016-12-16 // 0 CMT

Apple Security Advisory 2016-12-13-3 – iTunes 12.5.4 is now available and addresses memory corruption, arbitrary code execution, and various other vulnerabilities.

[APPLE]

>> Apple Security Advisory 2016-12-13-6

USER: deepcore // 2016-12-16 // 0 CMT

Apple Security Advisory 2016-12-13-6 – This advisory provides additional information in regards to tvOS 10.1 fixes as originally documented in APPLE-SA-2016-12-12-3.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: